THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
criticalnpm·malware·osv
Malicious code in retail-location-strategy-frontend (npm)
Risk score
92
AI summary
Indexed incident for retail-location-strategy-frontend (npm).
Description
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (056a42f9d6cabda51a99fe21f647f8270a15e121d2017f53e3fa7cc1aad9a47f)
The OpenSSF Package Analysis project identified 'retail-location-strategy-frontend' @ 1.1.1 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in @challenger6/vm-pattern-library (npm)@challenger6/vm-pattern-library92
- Malicious code in buffer-utilities (npm)buffer-utilities92
- Malicious code in sorenson-webfonts (npm)sorenson-webfonts92
- Malicious code in lib-1779997093-yjeeqn (PyPI)lib-1779997093-yjeeqn92
- Malicious code in @neon-i18n/core-ui (npm)@neon-i18n/core-ui92